def grant_access_token(request): client_id = request.POST.get('client_id') try: client = Client.get_by_client_id(client_id) except KeyError: return JsonResponse({'error': 'incorrect_client_credentials', 'oops': "No such client %r" % client_id}, status=400) client_secret = request.POST.get('client_secret') if client_secret != client.client_secret: return JsonResponse({'error': 'incorrect_client_credentials', 'oops': "Incorrect secret for client %r" % client_id}, status=400) code = request.POST.get('code') try: authorization = authorizations[code] except KeyError: return JsonResponse({'error': 'bad_verification_code', 'oops': "Invalid authorization code %r" % code}, status=400) if client_id != authorization['client_id']: return JsonResponse({'error': 'bad_verification_code', 'oops': "Invalid authorization code %r for client %r" % (code, client_id)}, status=400) redirect_uri = request.POST.get('redirect_uri') if redirect_uri != client.redirect_uri: return JsonResponse({'error': 'redirect_uri_mismatch', 'oops': "Incorrect redirect URI for client %r" % client_id}, status=400) # Okay then. token_token = squib(20) access_token = { 'token': token_token, 'username': authorization['username'], } access_tokens[token_token] = access_token return JsonResponse({ 'access_token': token_token, 'user_id': 'https://%s/person/%s' % (request._environ['HTTP_HOST'], authorization['username']), })
def user_endpoint(request): client_id = request.GET.get('client_id') try: Client.get_by_client_id(client_id) except KeyError: return OopsResponse("No such client %r", client_id) scope = request.GET.get('scope') if scope != 'openid': return OopsResponse("Unknown scope %r", scope) redirect_uri = request.GET.get('redirect_uri') authorization = { 'client_id': client_id, 'redirect_uri': redirect_uri, } code = squib(20) authorizations[code] = authorization return TemplateResponse('connectme/user_endpoint.html', { 'code': code, })
def __init__(self, **kwargs): self.client_id = squib(10) self.client_secret = squib(20) for key, val in kwargs.items(): setattr(self, key, val)